{"vuid":"VU#102465","idnumber":"102465","name":"PGP Desktop service fails to validate user supplied data","keywords":["PGP Desktop","arbitrary code execution","RPC interface","PGPServ.exe","PGPsdkServ.exe","\\pipe\\pgpserv","\\pipe\\pgpsdkserv"],"overview":"PGP Desktop fails to properly validate objects passed into the PGP Desktop service. This vulnerability may allow a remote, authenticated attacker to execute arbitrary code.","clean_desc":"PGP Desktop versions prior to 9.5.1 fail to properly validate objects passed into the PGP Desktop service (PGPServ.exe/PGPsdkServ.exe). This service is installed by PGP Desktop to transport objects and data between the PGP clients and the PGP Desktop service. The PGP Desktop service fails to properly validate user-supplied data. This may allow a remote, authenticated attacker to overwrite arbitrary memory.","impact":"A remote, authenticated attacker may be able to execute arbitrary code, possibly with elevated privileges.","resolution":"Upgrade PGP has addressed this issue in PGP version 9.5.1 and above.","workarounds":"Workarounds PGP has provided the following workarounds: 1. Turn off Windows Filesharing. This is the definitive way to eliminate the problem since disabling Windows Filesharing would prevent the attack. 2. Use a third-party Personal Firewall, or the built-in Windows XP SP2 Firewall. Block foreign connections to your RPC/Filesharing services.","sysaffected":"","thanks":"This vulnerability was reported by Peter Winter-Smith of NGSSoftware.","author":"This document was written by Katie Steiner.","public":["https://pgp.custhelp.com/cgi-bin/pgp.cfg/php/enduser/std_adp.php?p_faqid=703","http://secunia.com/advisories/23938/","http://www.ngssoftware.com/advisories/medium-risk-vulnerability-in-pgp-desktop/","http://www.itnews.com.au/newsstory.aspx?CIaNID=44982&src=site-marq","http://www.vnunet.com/vnunet/news/2173564/flaw-found-pgp-encryption"],"cveids":["CVE-2007-0603"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2007-01-26T15:34:48Z","publicdate":"2007-01-25T00:00:00Z","datefirstpublished":"2007-01-31T14:40:57Z","dateupdated":"2007-02-12T09:15:33Z","revision":25,"vrda_d1_directreport":"0","vrda_d1_population":"2","vrda_d1_impact":"3","cam_widelyknown":"9","cam_exploitation":"0","cam_internetinfrastructure":"5","cam_population":"11","cam_impact":"20","cam_easeofexploitation":"7","cam_attackeraccessrequired":"10","cam_scorecurrent":"4.0425","cam_scorecurrentwidelyknown":"7.21875","cam_scorecurrentwidelyknownexploited":"12.99375","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":4.0425,"vulnote":null}